Ever wished you could let your users run their own event processing code on your logging platform? Or allowed ecommerce customers the ability to run their own analytics backend? Container orchestration and service meshes offer seamless ways to run untrusted code in multitenant platforms. This talk will offer a brief overview of what service meshes can offer, along with a live demonstration of sandboxing untrusted services according to policy at both the container and network level. Leave this talk with new found confidence in your ability to grant more interesting and powerful opportunities on your own platform without compromising security.